Deceiver in Program Clothing - Removing a VB Trojan Horse
written by: Regina Woodard•edited by: Amy Carson•updated: 6/30/2011
In our continued quest in getting everything we can from the web and online access, there are still things that we could easily do without; Trojan Horses are one of them; these nasty things came in all shades, but the damage they do is the same.Here we'll look the Trojan Horse VB.VJE variety.
slide 1 of 5
Not Just a Trick of Troy
If you're fan of Greek mythology or have taken a Greek mythology class, you've certainly heard the story of Helen of Troy. This fair maiden's abduction brought about the Trojan War, where the great hero Achilles was killed in battle and Helen would be forever hated by the Trojans. The story also brought about a famous term to describe the way in which the army was able to get in and rescue Helen - the Trojan Horse.
A Trojan Horse is now often associated with that particular malware and viruses that enter in a user's computer in the guise of being something it's not, usually a piece of software or a program that someone has downloaded or installed, thinking that it's something useful. These types of malware and viruses should be removed as soon as detected, as they have a potential of taking your information and forwarding to people you don't want to have it.
slide 2 of 5
What is a VB.VJE?
There are actually several different types of Trojan Horses. However, they usually have the same objective - the theft of your data and information on your computer. The VB.VJE Trojan is one of these, a type of information stealing Trojan, which sadly can easily go undetected by the user. As mentioned, this type of malware program can easily be installed on a computer without a user's knowledge and it may only be some odd behavior of the computer system or some files that may cause a user to wonder what's going on.
This particular malware is a part of the Windows System 32 (or Win32)-type Trojans, which are targeted at Microsoft Windows computers and systems. Again, a computer system can get this virus by either downloading/installing questionable programs or viewing questionable sites; usually a user's computer is not up to date on their antivirus programs or their browser settings are extremely low, disrupting usual warnings about websites or downloads that are being encountered.
In an odd twist, sometimes antivirus programs will report false positives in regards to these malicious threats. A false positive is when an antivirus program sees a safe or legal program or application that is installed on the computer as a threat and will report that there is a possible virus in the system. This may happen because of an update to the software or a known problem with one application has been solved, but not yet picked up by the antivirus program.
Many users of the free AVG antivirus program reported this after the installation of an otherwise safe download, like the Mozilla Firefox browser. The path usually shows within the D drive, which on most computers is the CD/DVD ROM drive. AVG acknowledged the issue and has steps for users to determine and fix false positives.
slide 3 of 5
How Do I Get Rid of It?
If you suspect that your computer might be infected, the best thing to do is run an antivirus scan. Many programs will have either a quick or full scan; you'll want to run the full scan to be sure that the program scans all of the areas in which a Trojan could possibly be hiding. Try running the scan during the time your computer is and when you don't have anything pressing that needs to be done, as full scans take much longer than quick scans.
If possible, try to run the scan in Safe Mode. Safe Mode is a protected program on your computer that only runs the most basic of programs and drivers; Avast, for instance, has an option in which you can run a virus scan in DOS, which effectively will notify you if there are viruses or malware within the system.
Another thing you can try is using Windows System Restore. System Restore restores a previous session of your programs before you encountered a problem. This of course can only be done if you have recent restore points, which occur whenever you've installed a new program or when Windows does an update. It's best to use a restore that's close to the date that you plan on restoring the system; this will help keep your system close to where you have it now, without the Trojan.
When encountering a false positive, such as when using AVG, the best thing is to update the antivirus program and then run the scan again. If this still brings up the infection, try using another antivirus program. There are several good and free software options that are very thorough at removing Trojan horse viruses that you can try in order to deem if your system is really compromised.
slide 4 of 5
So how do you avoid getting this particular virus or any virus? The best defense is a strong offense; this means making sure that both your antivirus program and that of your computer operating systems are up to date. Most programs can be set to automatically update the system without disrupting your work or your day.
It's also a good idea to run a quick scan every once in a while depending on how much you use your computer and your online activity. If using your computer everyday, it's good to run a scan at least twice a month.
An obvious plan is to be careful what you download and what websites you go to. Be aware of links within emails or mysterious websites; luckily there are many browser addons and plugins that can help detect good and bad sites, as well as preventing unwanted pop ups from occurring.
slide 5 of 5
Trojan Horse Infection from AVG Forums, http://forums.avg.com/ww-en/avg-free-forum?sec=thread&act=show&id=74029
Win32.VB from eXterminate it, http://www.exterminate-it.com/malpedia/remove-win32-vb